English
Gamereactor
news

Steam accounts hijacked after security 'bug'

But Valve has already solved the issue.

Subscribe to our newsletter here!

* Required field
HQ

Some Steam users had a difficult weekend, losing access to their accounts due to a major security hole in Valve's platform. The problem arose in the password change process, that sends an email to the user with a code that must then be entered to confirm the password change. The problem was that the code was not necessary to change the password. If you left the field blank, the system would assume it as the correct code to change the password. Ooops!

A tremendous security hole, but one that will not cause more than a bit of inconvenience to users, since they reportedly didn't lose important information. Valve revealed to Kotaku that they were aware of this problem on July 25, and that it has since been resolved. A statement also noted that all accounts with suspicious changes during this period received a forced password reset, so that the original user must change it back.

Steam accounts hijacked after security 'bug'


Loading next content